package com.xtwy.web;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
@RequestMapping("/")
public class UserInfoController {

    /**
     * 用户查询
     * @return
     */
    @RequestMapping("/user")
    public String userInfo(){
        Subject subject = SecurityUtils.getSubject();
        if(subject.isPermitted("user")){
            return "user";
        }else{
            return "你无权访问";
        }
    }

    /**
     * 角色
     * 对应：authorizationInfo.addStringPermission("role");
     * @return
     */
    @RequiresPermissions( "role" )
    @RequestMapping("/role")
    public String userInfoAdd(){
        return "role";
    }

    /**
     * 权限
     * 对应：  authorizationInfo.addStringPermission("perm");
     * @return
     */
    @RequestMapping("/prem")
    public String userDel(){
        return "prem";
    }
}